Pierluigi Paganini
December 05, 2019
Analyzing how tactics, techniques and procedures of the Russia-linked APT28 cyberespionage group evolve over the time. APT28 is a well known Russian cyber espionage group attributed, with a medium level of confidence, to Russian military intelligence agency GRU (by CrowdStrike). It is also known as Sofacy Group (by Kaspersky) or STRONTIUM (by Microsoft) and it’s used to target Aereospace, Defence, Governmente Agencies, International […]
Pierluigi Paganini
October 21, 2019
Czech police and intelligence services have identified a Russian espionage network operating having a nerve center in its Prague embassy. Czech police and intelligence services have dismantled a Russian espionage network operating that was operating via its Prague embassy. The officials were helped by peers at the National Organised Crime Centre (NCOZ). According to the […]
Pierluigi Paganini
October 07, 2019
The United States and Baltic announced cooperation to protect the Baltic energy grid from cyber attacks as they disconnect from the Russian electricity grid. The US and Baltic agreed to cooperate to protect the Baltic energy grid from cyber attacks as they disconnect from the Russian electricity grid. US Energy Secretary Rick Perry and counterparts […]
Pierluigi Paganini
September 26, 2019
A joint research from Intezer and Check Point Research shows connections between nearly 2,000 malware samples developed by Russian APT groups. A joint research from Intezer and Check Point Research shed light on Russian hacking ecosystem and reveals connections between nearly 2,000 malware samples developed by Russian APT groups. The report is extremely interesting because gives to the analysts […]
Pierluigi Paganini
August 30, 2019
A Russian security researcher has found that hardware wiretapping equipment composing Russia’s SORM surveillance system had been leaking user data. The Russian researcher Leonid Evdokimov has found that hardware wiretapping equipment used by the Kremlin as part of the SORM surveillance system (Russian: Система оперативно-разыскных мероприятий, lit. ‘System for Operative Investigative Activities’) had been leaking data online. The […]
Pierluigi Paganini
July 29, 2019
Facebook recently announced that it removed multiple pages, groups, and accounts tied to Russia involved in psyops ahead of the election in Ukraine. Facebook spotted four campaigns that appear independent, three of them associated with Russian threat actors. One of the operations involved 18 Facebook accounts, nine pages, and three groups. Threat actors attempted to […]
Pierluigi Paganini
July 17, 2019
Kaspersky researchers revealed that since earlier this year, Russia-linked APT group Turla used new variants of the KopiLuwak Trojan in targeted attacks. Security experts at Kaspersky revealed that the Russia-linked APT group Turla used new variants of the KopiLuwak Trojan in targeted attacks since early 2019. The Turla APT group (aka Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON) has been active since at least 2007 targeting […]
Pierluigi Paganini
June 17, 2019
According to The New York Times, the United States planted destructive malware in Russia’s electric power grid. The New York Times, citing current and former government officials, revealed that the United States planted a potentially destructive malware in Russia’s electric power grid. The U.S. cyber army is targeting the Russian power grid since at least […]
Pierluigi Paganini
June 04, 2019
Gamaredon continues to target Ukraine, Yoroi-Cybaze ZLab spotted a new suspicious activity potentially linked to the popular APT group Introduction The Gamaredon attacks against Ukraine don’t seem to have stopped. After a month since our last report we spotted a new suspicious email potentially linked to the Gamaredon group. The group was first discovered by Symantec and TrendMicro in 2015 but […]
Pierluigi Paganini
June 02, 2019
Turla, the Russia-linked cyberespionage group, is weaponizing PowerShell scripts and is using them in attacks against EU diplomats. Turla (aka Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON), the Russia-linked APT group, is using weaponized PowerShell scripts in attacks aimed at EU diplomats. Turla group has been active since at least 2007 targeting government organizations and […]
